CVE-2015-7542

Published: Dec 3, 2019Modified: Nov 21, 2024

5.3

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Exploitability: 3.9 / Impact: 1.4

Source: NVD

Description

A vulnerability exists in libgwenhywfar through 4.12.0 due to the usage of outdated bundled CA certificates.

Affected (7)

Products: Aquamaniac: Gwenhywfar · Debian: Debian Linux · Opensuse: Leap

1 product

1 product

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Aquamaniac Gwenhywfar	Up to 4.12.0

Configuration B

6 vulnerable

Vulnerable Software	Affected Versions
Debian Debian Linux	Version 10.0
Debian Debian Linux	Version 11.0
Debian Debian Linux	Version 8.0
Debian Debian Linux	Version 9.0
Opensuse Leap	Version 42.2
Opensuse Leap	Version 42.3

Related CWEs

Cleartext Transmission of Sensitive Information

The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.

References (8)

http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174484.html

Source: secalert@redhat.com

http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174540.html

Source: secalert@redhat.com

http://lists.opensuse.org/opensuse-updates/2018-01/msg00038.html

Source: secalert@redhat.com

Third Party Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=1272503

Source: secalert@redhat.com

http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174484.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174540.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.opensuse.org/opensuse-updates/2018-01/msg00038.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=1272503

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.